1 files changed, 167 insertions, 23 deletions
diff --git a/src/testing/netjail_core.sh b/src/testing/netjail_core.sh
index cf350d3fa..ef0a54a5e 100755
--- a/src/testing/netjail_core.sh
+++ b/src/testing/netjail_core.sh
@@ -2,6 +2,7 @@
 # 
+PREFIX=${PPID:?must run from a parent process}
 # running with `sudo` is required to be
 # able running the actual commands as the
@@ -9,10 +10,61 @@
 export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-netjail_check() {
+export RESULT=
-        NODE_COUNT=$1
+export NAMESPACE_NUM=0
+export INTERFACE_NUM=0
+netjail_next_namespace() {
+        local NUM=$NAMESPACE_NUM
+        NAMESPACE_NUM=$(($NAMESPACE_NUM + 1))
+        RESULT=$NUM
+}
+netjail_next_interface() {
+        local NUM=$INTERFACE_NUM
+        INTERFACE_NUM=$(($INTERFACE_NUM + 1))
+        RESULT=$NUM
+}
+netjail_opt() {
+        local OPT=$1
+        shift 1
+        INDEX=1
+        while [ $# -gt 0 ]; do
+                if [ "$1" = "$OPT" ]; then
+                        RESULT=$INDEX
+                        return
+                fi
+                INDEX=$(($INDEX + 1))
+                shift 1
+        done
+        RESULT=0
+}
+netjail_opts() {
+        local OPT=$1
+        local DEF=$2
+        shift 2
+        
+        while [ $# -gt 0 ]; do
+                if [ "$1" = "$OPT" ]; then
+                        printf "$2"
+                        return
+                fi
+                shift 1
+        done
+        
+        RESULT="$DEF"
+}
-        FD_COUNT=$(($(ls /proc/self/fd | wc -w) - 4))
+netjail_check() {
+        local NODE_COUNT=$1
+        local FD_COUNT=$(($(ls /proc/self/fd | wc -w) - 4))
        # quit if `$FD_COUNT < ($LOCAL_M * $GLOBAL_N * 2)`:
        # the script also requires `sudo -C ($FD_COUNT + 4)`
@@ -25,43 +77,81 @@ netjail_check() {
        fi
 }
-netjail_print_name() {
+netjail_check_bin() {
-        printf "%s%02x%02x" $1 $2 ${3:-0}
+        local PROGRAM=$1
+        local MATCH=$(ls $(echo $PATH | tr ":" "\n") | grep "^$PROGRAM\$" | tr "\n" " " | awk '{ print $1 }')
+        # quit if the required binary $PROGRAM can not be
+        # found in the used $PATH.
+        if [ "$MATCH" != "$PROGRAM" ]; then
+                echo "Required binary not found: $PROGRAM" >&2
+                exit 1
+        fi
 }
 netjail_bridge() {
-        BRIDGE=$1
+        netjail_next_interface
+        local NUM=$RESULT
+        local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
        ip link add $BRIDGE type bridge
        ip link set dev $BRIDGE up
+        
+        RESULT=$BRIDGE
+}
+netjail_bridge_name() {
+        netjail_next_interface
+        local NUM=$RESULT
+        local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
+        
+        RESULT=$BRIDGE
 }
 netjail_bridge_clear() {
-        BRIDGE=$1
+        local BRIDGE=$1
        ip link delete $BRIDGE
 }
 netjail_node() {
-        NODE=$1
+        netjail_next_namespace
+        local NUM=$RESULT
+        local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
        ip netns add $NODE
+        
+        RESULT=$NODE
+}
+netjail_node_name() {
+        netjail_next_namespace
+        local NUM=$RESULT
+        local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
+        
+        RESULT=$NODE
 }
 netjail_node_clear() {
-        NODE=$1
+        local NODE=$1
        ip netns delete $NODE
 }
 netjail_node_link_bridge() {
-        NODE=$1
+        local NODE=$1
-        BRIDGE=$2
+        local BRIDGE=$2
-        ADDRESS=$3
+        local ADDRESS=$3
-        MASK=$4
+        local MASK=$4
        
-        LINK_IF="$NODE-$BRIDGE-0"
+        netjail_next_interface
-        LINK_BR="$NODE-$BRIDGE-1"
+        local NUM_IF=$RESULT
+        netjail_next_interface
+        local NUM_BR=$RESULT
+        
+        local LINK_IF=$(printf "%06x-%08x" $PREFIX $NUM_IF)
+        local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
        ip link add $LINK_IF type veth peer name $LINK_BR
        ip link set $LINK_IF netns $NODE
@@ -72,28 +162,47 @@ netjail_node_link_bridge() {
        ip -n $NODE link set up dev lo
        ip link set $LINK_BR up
+        
+        RESULT=$LINK_BR
+}
+netjail_node_link_bridge_name() {
+        
+        netjail_next_interface
+        netjail_next_interface
+        local NUM_BR=$RESULT
+        
+        local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
+        
+        RESULT=$LINK_BR
+}
+netjail_node_unlink_bridge() {
+        local LINK_BR=$1
+        ip link delete $LINK_BR
 }
 netjail_node_add_nat() {
-        NODE=$1
+        local NODE=$1
-        ADDRESS=$2
+        local ADDRESS=$2
-        MASK=$3
+        local MASK=$3
        ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE
 }
 netjail_node_add_default() {
-        NODE=$1
+        local NODE=$1
-        ADDRESS=$2
+        local ADDRESS=$2
        ip -n $NODE route add default via $ADDRESS
 }
 netjail_node_exec() {
    JAILOR=${SUDO_USER:?must run in sudo}
-        NODE=$1
+        local NODE=$1
-        FD_IN=$2
+        local FD_IN=$2
-        FD_OUT=$3
+        local FD_OUT=$3
        shift 3
        ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN
@@ -114,3 +223,38 @@ netjail_node_exec_without_fds_and_sudo() {
        ip netns exec $NODE $@
 }
+netjail_kill() {
+        local PID=$1
+        local MATCH=$(ps --pid $PID | awk "{ if ( \$1 == $PID ) { print \$1 } }" | wc -l)
+        if [ $MATCH -gt 0 ]; then
+                kill -n 19 $PID
+                for CHILD in $(ps -o pid,ppid -ax | awk "{ if ( \$2 == $PID ) { print \$1 } }"); do
+                        netjail_kill $CHILD
+                done
+                kill $PID
+        fi
+}
+netjail_killall() {
+        if [ $# -gt 0 ]; then
+                local PIDS=$1
+                for PID in $PIDS; do
+                        netjail_kill $PID
+                done
+        fi
+}
+netjail_waitall() {
+        if [ $# -gt 0 ]; then
+                local PIDS=$1
+                for PID in $PIDS; do
+                        wait $PID
+                done
+        fi
+}

diff --git a/src/testing/netjail_core.sh b/src/testing/netjail_core.sh index cf350d3fa..ef0a54a5e 100755 --- a/src/testing/netjail_core.sh +++ b/src/testing/netjail_core.sh
@@ -2,6 +2,7 @@
2	#	2	#
3		3
4		4
		5	PREFIX=${PPID:?must run from a parent process}
5		6
6	# running with `sudo` is required to be	7	# running with `sudo` is required to be
7	# able running the actual commands as the	8	# able running the actual commands as the
@@ -9,10 +10,61 @@
9		10
10	export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"	11	export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
11		12
12	netjail_check() {	13	export RESULT=
13	NODE_COUNT=$1	14	export NAMESPACE_NUM=0
		15	export INTERFACE_NUM=0
		16
		17	netjail_next_namespace() {
		18	local NUM=$NAMESPACE_NUM
		19	NAMESPACE_NUM=$(($NAMESPACE_NUM + 1))
		20	RESULT=$NUM
		21	}
		22
		23	netjail_next_interface() {
		24	local NUM=$INTERFACE_NUM
		25	INTERFACE_NUM=$(($INTERFACE_NUM + 1))
		26	RESULT=$NUM
		27	}
		28
		29	netjail_opt() {
		30	local OPT=$1
		31	shift 1
		32
		33	INDEX=1
		34
		35	while [ $# -gt 0 ]; do
		36	if [ "$1" = "$OPT" ]; then
		37	RESULT=$INDEX
		38	return
		39	fi
		40
		41	INDEX=$(($INDEX + 1))
		42	shift 1
		43	done
		44
		45	RESULT=0
		46	}
		47
		48	netjail_opts() {
		49	local OPT=$1
		50	local DEF=$2
		51	shift 2
		52
		53	while [ $# -gt 0 ]; do
		54	if [ "$1" = "$OPT" ]; then
		55	printf "$2"
		56	return
		57	fi
		58
		59	shift 1
		60	done
		61
		62	RESULT="$DEF"
		63	}
14		64
15	FD_COUNT=$(($(ls /proc/self/fd \| wc -w) - 4))	65	netjail_check() {
		66	local NODE_COUNT=$1
		67	local FD_COUNT=$(($(ls /proc/self/fd \| wc -w) - 4))
16		68
17	# quit if `$FD_COUNT < ($LOCAL_M * $GLOBAL_N * 2)`:	69	# quit if `$FD_COUNT < ($LOCAL_M * $GLOBAL_N * 2)`:
18	# the script also requires `sudo -C ($FD_COUNT + 4)`	70	# the script also requires `sudo -C ($FD_COUNT + 4)`
@@ -25,43 +77,81 @@ netjail_check() {
25	fi	77	fi
26	}	78	}
27		79
28	netjail_print_name() {	80	netjail_check_bin() {
29	printf "%s%02x%02x" $1 $2 ${3:-0}	81	local PROGRAM=$1
		82	local MATCH=$(ls $(echo $PATH \| tr ":" "\n") \| grep "^$PROGRAM\$" \| tr "\n" " " \| awk '{ print $1 }')
		83
		84	# quit if the required binary $PROGRAM can not be
		85	# found in the used $PATH.
		86
		87	if [ "$MATCH" != "$PROGRAM" ]; then
		88	echo "Required binary not found: $PROGRAM" >&2
		89	exit 1
		90	fi
30	}	91	}
31		92
32	netjail_bridge() {	93	netjail_bridge() {
33	BRIDGE=$1	94	netjail_next_interface
		95	local NUM=$RESULT
		96	local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
34		97
35	ip link add $BRIDGE type bridge	98	ip link add $BRIDGE type bridge
36	ip link set dev $BRIDGE up	99	ip link set dev $BRIDGE up
		100
		101	RESULT=$BRIDGE
		102	}
		103
		104	netjail_bridge_name() {
		105	netjail_next_interface
		106	local NUM=$RESULT
		107	local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
		108
		109	RESULT=$BRIDGE
37	}	110	}
38		111
39	netjail_bridge_clear() {	112	netjail_bridge_clear() {
40	BRIDGE=$1	113	local BRIDGE=$1
41		114
42	ip link delete $BRIDGE	115	ip link delete $BRIDGE
43	}	116	}
44		117
45	netjail_node() {	118	netjail_node() {
46	NODE=$1	119	netjail_next_namespace
		120	local NUM=$RESULT
		121	local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
47		122
48	ip netns add $NODE	123	ip netns add $NODE
		124
		125	RESULT=$NODE
		126	}
		127
		128	netjail_node_name() {
		129	netjail_next_namespace
		130	local NUM=$RESULT
		131	local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
		132
		133	RESULT=$NODE
49	}	134	}
50		135
51	netjail_node_clear() {	136	netjail_node_clear() {
52	NODE=$1	137	local NODE=$1
53		138
54	ip netns delete $NODE	139	ip netns delete $NODE
55	}	140	}
56		141
57	netjail_node_link_bridge() {	142	netjail_node_link_bridge() {
58	NODE=$1	143	local NODE=$1
59	BRIDGE=$2	144	local BRIDGE=$2
60	ADDRESS=$3	145	local ADDRESS=$3
61	MASK=$4	146	local MASK=$4
62		147
63	LINK_IF="$NODE-$BRIDGE-0"	148	netjail_next_interface
64	LINK_BR="$NODE-$BRIDGE-1"	149	local NUM_IF=$RESULT
		150	netjail_next_interface
		151	local NUM_BR=$RESULT
		152
		153	local LINK_IF=$(printf "%06x-%08x" $PREFIX $NUM_IF)
		154	local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
65		155
66	ip link add $LINK_IF type veth peer name $LINK_BR	156	ip link add $LINK_IF type veth peer name $LINK_BR
67	ip link set $LINK_IF netns $NODE	157	ip link set $LINK_IF netns $NODE
@@ -72,28 +162,47 @@ netjail_node_link_bridge() {
72	ip -n $NODE link set up dev lo	162	ip -n $NODE link set up dev lo
73		163
74	ip link set $LINK_BR up	164	ip link set $LINK_BR up
		165
		166	RESULT=$LINK_BR
		167	}
		168
		169	netjail_node_link_bridge_name() {
		170
		171	netjail_next_interface
		172	netjail_next_interface
		173	local NUM_BR=$RESULT
		174
		175	local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
		176
		177	RESULT=$LINK_BR
		178	}
		179
		180	netjail_node_unlink_bridge() {
		181	local LINK_BR=$1
		182
		183	ip link delete $LINK_BR
75	}	184	}
76		185
77	netjail_node_add_nat() {	186	netjail_node_add_nat() {
78	NODE=$1	187	local NODE=$1
79	ADDRESS=$2	188	local ADDRESS=$2
80	MASK=$3	189	local MASK=$3
81		190
82	ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE	191	ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE
83	}	192	}
84		193
85	netjail_node_add_default() {	194	netjail_node_add_default() {
86	NODE=$1	195	local NODE=$1
87	ADDRESS=$2	196	local ADDRESS=$2
88		197
89	ip -n $NODE route add default via $ADDRESS	198	ip -n $NODE route add default via $ADDRESS
90	}	199	}
91		200
92	netjail_node_exec() {	201	netjail_node_exec() {
93	JAILOR=${SUDO_USER:?must run in sudo}	202	JAILOR=${SUDO_USER:?must run in sudo}
94	NODE=$1	203	local NODE=$1
95	FD_IN=$2	204	local FD_IN=$2
96	FD_OUT=$3	205	local FD_OUT=$3
97	shift 3	206	shift 3
98		207
99	ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN	208	ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN
@@ -114,3 +223,38 @@ netjail_node_exec_without_fds_and_sudo() {
114	ip netns exec $NODE $@	223	ip netns exec $NODE $@
115	}	224	}
116		225
		226	netjail_kill() {
		227	local PID=$1
		228	local MATCH=$(ps --pid $PID \| awk "{ if ( \$1 == $PID ) { print \$1 } }" \| wc -l)
		229
		230	if [ $MATCH -gt 0 ]; then
		231	kill -n 19 $PID
		232
		233	for CHILD in $(ps -o pid,ppid -ax \| awk "{ if ( \$2 == $PID ) { print \$1 } }"); do
		234	netjail_kill $CHILD
		235	done
		236
		237	kill $PID
		238	fi
		239	}
		240
		241	netjail_killall() {
		242	if [ $# -gt 0 ]; then
		243	local PIDS=$1
		244
		245	for PID in $PIDS; do
		246	netjail_kill $PID
		247	done
		248	fi
		249	}
		250
		251	netjail_waitall() {
		252	if [ $# -gt 0 ]; then
		253	local PIDS=$1
		254
		255	for PID in $PIDS; do
		256	wait $PID
		257	done
		258	fi
		259	}
		260